recruit22 · 1 month ago
Senior Cybersecurity Engineer
Confidential company is seeking a Senior Cybersecurity Engineer focused on enterprise security engineering. The role emphasizes email security, DLP, SIEM engineering, and collaboration with various teams to enhance security controls and automate processes.
Responsibilities
Operate and tune enterprise email security gateway (SEG) and DLP controls, including escalations, quarantined message review, and release workflows
Refine DLP policies, smart identifiers, dictionaries, and detection logic to reduce false positives and protect sensitive data
Support and improve email authentication posture (DMARC/DKIM/SPF) and modify inbound/outbound policy routes as required
Develop SIEM engineering for new data sources: integrate, validate, normalize, enrich, correlate, document, and hand off to operations
Drive resolution of SIEM detection tuning backlog and continuously improve fidelity across endpoint, cloud, identity, badge, and network telemetry
Develop correlation logic and SOC-focused workflows to reduce alert fatigue and improve detection quality
Design and implement SOAR workflows to automate enrichment, correlation, case updates, and triggered response actions (e.g., forced password resets)
Synchronize case status across platforms (EDR, data governance, SIEM) and enable automated closure/annotation of bulk detections
Automate IOC reputation checks, identity lookups, enrichment, and integrated IP/URL blocking via firewalls or filtering platforms (as applicable)
Generate and publish SIEM/SOC metrics including MTTR, time-to-triage, time-to-detect, detection volume, disposition trends, and attack vector analysis
Collaborate with SOC/IR teams to investigate escalations; implement engineering changes to prevent recurrence
Create and maintain high-quality technical documentation, runbooks, onboarding standards, and operational guides
Qualifications
Required
7+ years in cybersecurity engineering roles, with strong emphasis on email security/DLP operations, SIEM engineering, detection tuning, and automation
Hands-on experience with enterprise email security gateways and DLP solutions, including policy tuning, identifiers/dictionaries, and regex-based rule creation
Strong familiarity with EDR platforms, endpoint telemetry, and the ability to operationalize EDR signals in SIEM workflows
Proven SIEM engineering experience: log-source onboarding, parsing/normalization, enrichment, correlation, detection tuning, and operational handoff
Experience building automations (SOAR or native platform automation) supporting enrichment, correlation, case-state synchronization, and triggered response actions
Scripting proficiency required: PowerShell, Python, and Linux shell (Bash), including use of APIs for automation and data processing
Demonstrated ability to create SOC-focused dashboards/reports (MTTR, detection fidelity, triage timelines, false-positive trends, threat patterns)
Knowledge of email authentication standards including DMARC, DKIM, and SPF and their operational impacts
Familiarity with regulated industry requirements (HIPAA, GLBA, PCI) and how security controls support compliance
Excellent documentation, communication, and cross-team collaboration skills; ability to create runbooks and engineering standards
Ability to work directly with SOC, IAM, infrastructure, networking, and cloud teams to build operationally ready solutions
Ability to articulate technical concepts to technical and nontechnical audiences
Ability to work effectively across varied scenarios and complex problems
Ability to execute tasks or projects without established organizational precedent
Analytical and creative problem-solving to propose effective security solutions
Strong collaboration with cross-functional teams
Ability to quickly learn and adapt to new technologies
Company
recruit22
We are a forward-thinking and innovative recruitment firm. We offer strategic recruitment solutions using cutting-edge technologies and methodologies.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase